Principal PM · AI Security · Microsoft Defender

Asaf Nakash

Building the security layer for agentic software — before attackers do.

I lead AI Security Posture Management at Microsoft Defender, helping enterprises discover their AI agent footprint, detect misconfigurations, and assess and reduce risk efficiently, everywhere the agent runs. I write about what breaks as software becomes agentic in Context Window.

2 Patents in Cloud Security2× Founder (1 acquired)IDF Cyber DefenseMicrosoft MVP

25+

years in security
& cloud infrastructure

2

patents in
cloud security

founder — one acquired
(NASDAQ: MGIC)

8+

years at Microsoft
Defender & Azure

“Trust is now an exploit primitive, not a defense.”

— Context Window, Edition #13

01About

How I got here

Seven years in IDF Cyber Defense. Two companies founded — one acquired (NASDAQ: MGIC), one grew to 50+ people and became Microsoft’s #1 Azure partner in Israel. 8+ years at Microsoft building Defender. Two patents. Promoted to Principal PM to lead AI Security Posture Management in Microsoft Defender.

Now I build AI Security Posture Management from the ground up — agent discovery, risk scoring, attack path analysis, compliance mapping to EU AI Act and NIST AI RMF. I write Context Window and speak at global security conferences.

Posture used to be a photograph — a point-in-time scan that tells you how things stood. But agent risk is created at runtime. The question is no longer “is this configured correctly?” — it’s “given who’s asking, and with what authority, should this happen right now?”

— Asaf

02Writing

Context Window, in writing

All editions

Latest briefing

July 13, 2026 · Edition #23

You Can't Lower the Odds Anymore. Lower the Blast Radius.

Risk has always been the same equation: how likely a compromise is, times how much it costs when it lands. Likelihood and impact.

22
Every Input Is a Potential Instruction

This week the world argued, again, about whether a frontier model is too capable to let just anyone use it. In a talk I

21
The Level Playing Field Is Ending

For a few remarkable years, the best AI on earth was a commodity. A student in Nairobi, a startup in Tel Aviv, and a For

View all 20 editions

03Listening

On the podcast

Context Window podcast cover

Context Window

Weekly · AI Security · Podcast & Newsletter

AI-generated voices, AI-curated scripts — human editorial. Each week I break down one signal worth understanding in AI security. Read it in 5 minutes or listen on the go.

“Your security posture isn’t what you built. It’s the weakest thing in your stack that has access to what you built.”

— Context Window, Edition #16

04Building

Things I’ve built

Product judgment gets sharper when you still make things yourself. Some are serious, some are strange.

Forecast

Paul the Agent

Self-grading FIFA World Cup 2026 predictions dashboard. An ensemble model (Dixon-Coles + Elo + momentum) locks scorelines before kickoff, then grades itself against real results.

Source
Book

The Agentic PM

How product management changes when AI agents become teammates, users, and attack surfaces. Open-source.

Source
Media

Context Window Site

Podcast home — episode archive, RSS, Spotify and Apple integration. Static-first.

Toolsoon

PagerPR

AI-powered personal brand engine for thought leaders and creators.

Hardware

MetBarista

Open-source espresso machine controller — hardware automation meets ritualized product UX.

Source
Game

Chop Chop

Chaotic multiplayer kitchen card game. Designed, playtested, shipped as a browser game.

Source
Experiment

Magic Song Machine

Generative music — AI-assisted composition and sound design.

Source

05Connect

Get in touch

For speaking, advisory, AI security strategy, or just to argue about agentic risk — email is best.

[email protected]

Elsewhere